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Description 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

[0001] The present invention relates to software cop- 
ying systems, and more specifically, to a software copy- 
ing system which enables copyrighted software to be du- 
plicated in a user's storage medium in a legitimate man- 
ner. 

2. Description of the Related Art 

[0002] A wide variety of software distribution methods 
have become available in recent years, and the consum- 
ers can purchase software products which are stored in 
some storage media such as floppy disks, compact disc 
read-only memories (CD-ROMs), and semiconductor 
memories. They can also buy some software products 
sold at on-line shops by downloading via networks. Most 
of such commercial software products, however, can be 
copied into other storage media easily. This means that 
they are exposed to the potential riskof illegal duplication, 
or software piracy, which has become a serious problem 
for copyrighted software. 

[0003] As to the software distribution methods for com- 
puter applications, dictionaries, audio and video data, 
etc., one of the conventional methods is to distribute them 
in a CD-ROM that is electronically locked by a protection 
key. When a user is interested in a certain software prod- 
uct, he/she makes contact with a central site that is deal- 
ing that product. The user then takes a necessary pro- 
cedure to purchase it, and in turn receives a key pertain- 
ing to the product. By opening the protected software 
archive with that key, the user can finally install it into 
his/her system. 

[0004] Another method of software distribution uses a 
writable storage medium that contains some license-spe- 
cific identification information burned in advance, which 
information is managed at the central site for licensing 
the right to copy their software products. When trying to 
duplicate a software product recorded in a CD-ROM, a 
user or a retailer selling the storage media will send their 
request to the central site. After following some neces- 
sary procedures for purchasing that subject software 
product, the requesting user or retailer receives identifi- 
cation information issued by the central site. The subject 
software product can be duplicated from the CD-ROM to 
the storage medium, only when the received identifica- 
tion information coincides with the license-specific iden- 
tification information recorded in the storage medium. 
[0005] But anyone can execute or make access to the 
software, once it is installed into his/her local storage 
device such as a hard drive. This simply means that the 
installed software still is a subject of illegal duplication 
due to the lack of key protection. 
[0006] Further, in the aforementioned second method, 



the license-related identification information should be 
controlled at the central site in close liaison with a factory 
where the storage media are manufactured. Another 
problem with the storage media is that it is required to 
5 handle two types of storage media in different ways for 
two distinct purposes: software copying and general use. 
[0007] US patent 4,658,093 discloses a system for se- 
cure distribution of software comprising a base unit which 
uses the software, a remote authorization unit which au- 
10 thorizes the use of the software in the base unit, means 
providing communication between the base unit and the 
authorization unit, means in said base unit for inhibiting 
use of the software unless authorization for use has been 
received from the authorization unit, means in said base 
15 unit for communicating software requests to the author- 
ization unit, wherein said request includes at least iden- 
tification of the base unit, the number of uses requested 
and a random or non-repeating number, means in said 
authorization unit for processing said request including 
20 identification of the base unit, the number of uses re- 
quested, and the random number and providing an au- 
thorization for the requested number of uses, means in 
said base unit for receiving and verifying the authorization 
and means in said base unit permitting use of the soft- 
25 ware for the number of uses authorized by the authori- 
zation unit. 

[0008] EP 0 302 710 A2 discloses a method of con- 
trolling the use and replication of diskette software con- 
tents and the like on unauthorized diskette-driven com- 
30 puting systems. 

[0009] US patent 5,182,770 discloses an integrated 
software piracy prevention system incorporating several 
characteristic identification codes identifying installation 
and software components. A separate security device is 
35 attached to and in communication with the protected 
computer system. It is interactively queried regarding 
proper authorization of the current user. This approach 
is flexible and provides economical tracking of licensees 
and their use of sophisticated programs. 
40 [001 0] EP 0 665 486 A2 reveals a method of protecting 
electronically published documents. It involves operating 
a computer system and network forelectronic publication 
of documents. 

[001 1] IBM, Technical Disclosure Bulletin, Vol. 37 No. 
45 4B April 1994, pages 623 to 625, "Secure Source Data 
Transport in a There Party System" discloses a method 
which allows information suppliers to securely distribute 
data to information customers who, in turn, use the data 
in third party tools including a means for allowing a tool 
50 to analyze the original data, while allowing the informa- 
tion customer to act only as a carrier of an unreadable 
form of the data. 

[001 2] It is the object of the present invention to provide 
a software copying method and a software copying sys- 
55 tern, which enables copyrighted data recorded in a mas- 
ter storage medium to be copied in a legitimate manner 
to a target storage medium that a user can read and write 
to. 
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[0013] The object is solved by the features of the in- 
dependent claims. The dependent claims contain further 
developments. 

[0014] To accomplish the above object, according to 
the present invention, there is provided a software cop- 
ying system for duplicating software recorded in a master 
storage medium to a target storage medium in a legiti- 
mate manner. An authorized copying process is achieved 
through communications between an end user's site that 
is requesting a license of copying the software product 
and a central site that manages the license. 
[001 5] The software copying system comprises the fol- 
lowing structural elements. Contents identifier reading 
means reads out a first identifier the master storage me- 
dium. This first identifier is uniquely assigned to the soft- 
ware product recorded in the master storage medium. 
Storage medium identifier reading means reads out a 
second identifier from the target storage medium. This 
second identifier is uniquely assigned to and recorded in 
the target storage medium. Signature generating means, 
which is disposed at the central site, generates a first 
signature from the first identifier read out by the contents 
identifier reading means and the second identifier read 
by the storage medium identifier reading means. This 
first signature serves as a certificate of a license to copy 
the software product. Signature writing means writes the 
first signature generated by the signature generating 
means into the target storage medium. For a verification 
purpose, signature generating/comparing means gener- 
ates a second signature from the first identifier read out 
by the contents identifier reading means and the second 
identifier read out by the storage medium identifier read- 
ing means. The signature generating/comparing means 
then compares the first signature stored in the target stor- 
age medium with the second signature. Data copying 
means retrieves the software product out of the master 
storage medium and writes the software product into the 
target storage medium, when the first and second iden- 
tifiers turned out to be identical as a result of the com- 
parison performed by the signature generating/compar- 
ing means. 

[0016] To accomplish the above object, there is also 
provided a software copying method for duplicating soft- 
ware recorded in a master storage medium to a target 
storage medium in a legitimate manner. This software 
copying method comprises the following steps. 
[0017] First, a storage medium identifier uniquely as- 
signed to the target storage medium and a contents iden- 
tifier uniquely assigned to a subject data file are sentfrom 
an end user's site to a central site, together with a mes- 
sage requesting a software license. Second, a first cer- 
tificate code is generated at the central site from the stor- 
age medium identifier and the contents identifier received 
from the end user site. This step is accomplished through 
a signature generating process using a certification key 
that is managed at the central site. Third, an encrypted 
certification key is generated at the central site by en- 
crypting the certification key using a user key. Fourth, 



the first certificate code and the encrypted certification 
key are sent from the central site to the end user's site. 
Fifth, the first certificate code and the encrypted certifi- 
cation key arrived at the end user's site from the central 

5 site is written into the target storage medium. Sixth, a 
decrypted certification key is obtained at the end user's 
site by decrypting, using the user key, the encrypted cer- 
tification key stored in the target storage medium. Sev- 
enth, a second certification code is generated, for the 

10 purpose of verification at the end user's site, by applying 
a signature generating process using the decrypted cer- 
tification key to the storage medium identifier and the 
contents identifier. Eighth, the first certificate code stored 
in the target storage medium is compared with the second 

15 certificate code that is generated at the end user's site. 
Lastly, the subject data file stored in the master storage 
medium is read out and written into the target storage 
medium if the first and second certificate codes coincide 
with each other. 

20 [0018] The above and other objects, features and ad- 
vantages of the present invention will become apparent 
from the following description when taken in conjunction 
with the accompanying drawings which illustrate a pre- 
ferred embodiment of the present invention by way of 

25 example. 

BRIEF DESCRIPTION OF THE DRAWINGS 
[0019] 

30 

FIG. 1 is a conceptual view of a software copying 
system according to the present invention; 
FIG. 2 is a flowchart showing a software duplication 
process executed by a software copying system in 
35 a first embodiment of the present invention; 

FIG. 3(A) is a diagram showing the structure of a 
CD-ROM; 

FIG. 3(B) is a diagram showing the structure of an 
MO disc; 

^0 FIG. 4 is a diagram showing a procedure of dupli- 
cating copyrighted software; 
FIG. 5 is a diagram showing the structure of a typical 
signature processor; 

FIG. 6 is a diagram showing a procedure of executing 
45 a duplicated software program; 

FIG. 7 is a flowchart showing a software duplication 

process executed by a software copying system in 

a second embodiment of the present invention; 

FIG. 8 is a diagram showing a procedure at the cen- 
50 tral site; 

FIG. 9 is a diagram showing a procedure at the end 

user's site; and 

FIG. 10 is a diagram showing a procedure of exe- 
cuting a duplicated software program. 

55 

DESCRIPTION OF THE PREFERRED EMBODIMENT 
[0020] At the outset, the present invention will be out- 
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lined with reference to FIG. 1 , which shows a conceptual 
view of a software copying system according to the 
present invention. 

[0021] As seen in FIG. 1 , the software copying system 
of the present invention comprises several elements de- 
scribed below. Contents identifier reading means 2 is a 
means for reading out a first identifier stored in a master 
storage medium 1. This first identifier is uniquely as- 
signed to each software product recorded in the master 
storage medium 1. Storage medium identifier reading 
means 4 reads out a second identifier stored in a target 
storage medium 3. This second identifier is uniquely as- 
signed to the target storage medium 3. Signature gener- 
ating means 6, disposed at a central site 5 that manages 
licenses for software copying, generates a first signature 
from the first and second identifiers read out by the con- 
tents identifier reading means 2 and storage medium 
identifier reading means 4, respectively. The first signa- 
ture serves as a certificate of a license to copy the soft- 
ware product. Signature writing means 7 writes the first 
signature, which is generated by the signature generating 
means 6, into the target storage medium 3. Signature 
generating/comparing means 8 produces a second sig- 
nature from the first and second identifiers respectively 
read out by the contents identifier reading means 2 and 
storage medium identifier reading means 4. The signa- 
ture generating/comparing means 8 compares the first 
signature stored in the target storage medium 3 with the 
second signature that is produced. Data copying means 
9 retrieves the subject software product out of the master 
storage medium 1 and writes it into the target storage 
medium 3, when the first and second signatures turned 
out to be identical as a result of the comparison performed 
by the signature generating/comparing means 8. 
[0022] The master storage medium 1 contains several 
commercial software products, to each of which a con- 
tents identifier is written. The target storage medium 3 
has an individual storage medium identifier which is writ- 
ten at the factory before shipment. When a user selects 
a software product from among those in the master stor- 
age medium 1, the contents identifier reading means 2 
retrieves a contents identifier corresponding to the se- 
lected software product, and then the storage medium 
identifier reading means 4 reads out a storage medium 
identifier recorded in the target storage medium 3. Those 
two identifiers are transmitted to the central site 5 togeth- 
er with a purchase order message to request a license 
to copy the subject software product. At the central site 
5, the signature generating means 6 receives the con- 
tents identifier and storage medium identifier and sends 
back to the user a signature that is generated from the 
received identifiers. This signature authorizes the user 
as a licensee having the right to copy the software prod- 
uct. Simultaneously with the issue of the signature, the 
user is registered in a user profile database at the central 
site 5, and a billing process is also invoked. 
[0023] At the user side, upon receipt of the signature 
sent from the signature generating means 6, the signa- 



ture writing means 7 writes it into the target storage me- 
dium 3. The signature generating/comparing means 8 
then locally generates a signature from the contents iden- 
tifier retrieved by the contents identifier reading means 
5 2 and the storage medium identifier retrieved by the stor- 
age medium identifier reading means 4. The signature 
generating/comparing means 8 compares this signature 
with the first-mentioned signature stored in the target 
storage medium 3. If the two signatures coincide with 
each other, the data copying means 9 retrieves the sub- 
ject software product, which is stored in encrypted form, 
from the master storage medium 1 and copies it into the 
target storage medium 3. The software now stored in the 
target storage medium 3, however, is not ready for exe- 
cution because it is still encrypted. The user has to load 
it to the main memory of a special processor which de- 
codes and executes the encrypted software. 
[0024] Next, a first embodiment of the present inven- 
tion will be described below with reference to FIGS. 2 to 
6. The following explanation assumes such a case that 
a certain copyrighted software program distributed in a 
CD-ROM is to be copied into a magneto-optical (MO) 
disc. 

[0025] FIG. 2 is a flowchart showing a software dupli- 
cation process performed by the software copying sys- 
tem. To copy a program in a CD-ROM to an MO disc 
using the software copying system of the present inven- 
tion, it is necessary to follow the steps of: 

[S1] The storage medium identifier IDk recorded in 
the MO disc and the software identifier SIDi of the 
subject software program are sent to the central site 
which manages license for software copying. 
[S2] This request for the software license is proc- 
essed at the central site, where a certificate code CS 
is generated from the storage medium identifier IDk 
and software identifier SIDi received from the end 
user site. The central site then sends back the cer- 
tificate code CS to the end user site. 
[S3] The certificate code CS arrived at the end user's 
site is written into a predetermined storage region in 
the MO disc. 

[S4] For a verification purpose, another certificate 
code CS' is generated locally at the end user's site, 
based on the storage medium identifier /D/cand soft- 
ware identifier SIDi, which were sent to the central 
site. 

[S5] The locally generated certificate code CS' is 
compared with the other certificate code CS stored 
in the MO disc. 

[S6] According to the result of the comparison be- 
tween CS and CS', the process proceeds in different 
ways. If the two certificate codes are found identical, 
the process goes to the next step S7. Otherwise, the 
process is terminated without copying the software 
program from the CD-ROM to the MO disc. 
[S7] An encrypted software data file having the soft- 
ware identifier SIDi is copied from the CD-ROM to 
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the prepared MO disc. 

[0026] FIGS. 3(A) and 3(B) show the structure of 
records in a CD-ROM and an MO disc, respectively. The 
structure of a CD-ROM 1 1 is shown in FIG. 3(A), where 
a plurality of copyrighted software programs and a man- 
ager application program MA are recorded. The copy- 
righted software programs, stored in encrypted form, 
have their respective software identifiers SIDi (i=1,2,... t 
n). The manager application program MA governs the 
operations to copy the copyrighted software programs 
from a CD-ROM to an MO disc. Upon requestfor software 
copying, this program will be loaded into and executed 
on a terminal station (e.g., a personal computer) located 
at the end user's site. That is, the manager application 
program MA is responsible for the steps executed at the 
end user's site as part of the procedure shown in FIG. 2. 
[0027] FIG. 3(B) is a diagram showing the record struc- 
ture of the MO disc 12, where a storage medium identifier 
IDk (k=1 ,2,..., m) is recorded. Although most part of the 
MO disc 12 can be freely written and/or read by the end 
users, the storage medium identifier IDk is written in a 
special part of the disc that is not rewritable. This storage 
medium identifier IDk may be a serial number which is 
assigned uniquely to each medium at the factory before 
shipment. 

[0028] The following description will present a more 
detailed procedure of duplicating copyrighted software 
from a CD-ROM to an MO disc with reference to FIG. 4. 
[0029] FIG. 4 shows a software copying procedure, 
which is roughly divided into two parts: steps at the end 
user's site (the right half of FIG. 4) and steps at the central 
site (the left half of FIG. 4). At the end user's site, a ter- 
minal station (e.g., a personal computer) performs actual 
data processing jobs pertaining to the software copying, 
while several devices located at the central site manages 
license for the software copying. Those two sites are in- 
terconnected by a communication line or a delivery chan- 
nel. 

[0030] The terminal station at the end user's site is 
equipped with a CD-ROM drive and an MO drive (both 
not shown). The CD-ROM 1 1 , serving as a master stor- 
age medium that stores copyrighted software programs, 
is inserted in the CD-ROM drive. On the other hand, the 
MO disc 12 serving as a target storage medium is loaded 
in the MO drive. The subject software program in the CD- 
ROM 1 1 has a software identifier SIDi, and the MO disc 
12 owns its unique storage medium identifier IDk. 
[0031] First of all, at the end user's terminal station, 
the manager application program MA in the CD-ROM 1 1 
starts with accepting a request from the end user for cop- 
ying a specific software program. Upon this request, the 
manager application program MA reads out the corre- 
sponding software identifier SIDi from the CD-ROM 11 
as well as extracting the storage medium identifier IDk 
from the MO disc 12. Those two identifiers are then sent 
to the software license center along with a request mes- 
sage containing information necessary for a software li- 



cense. 

[0032] The central site receives the above-described 
request from the user and saves the contents of the re- 
quest into a user profile database 1 3. The received soft- 

5 ware identifier SIDi and storage medium identifier IDk 
are supplied to a signature processor 14, where the iden- 
tifiers S/D/and /D/care compressed into a certificate code 
CS. In this compression process, a certification key KEYc 
operates as a private key (or secret key). The produced 

10 certificate code CS will serve as what is referred to as 
the "signature" in FIG. 1 . The certification key KEYc used 
by the signature processor 14 is then directed to an en- 
cryption unit 1 5 to be encrypted with a user key KU, thus 
producing a ciphertext EKU(KEYc). The certificate code 

15 CS generated by the signature processor 14 and the ci- 
phertext EKU(KEYc) generated by the encryption unit 15 
are finally transmitted together with the central site iden- 
tifier IDc to the end user's site as a response to the re- 
quest from the end user. 

20 [0033] At the end user's site, the terminal station ex- 
tracts the certificate code CS and ciphertext EKU(KEYc) 
from among the information received from the central site 
and writes them into the target MO disc 1 2. The certificate 
code CS and ciphertext EKU(KEYc) recorded in the MO 

25 disc 1 2 are retrieved and sent to the manager application 
program. 

[0034] Then, in the terminal station, a signature verifi- 
cation process starts. First, a decryption unit 1 6 decodes 
the ciphertext EKU(KEYc) using the user key KU and 

30 extracts the certification key KEYc, which was once en- 
crypted at the central site. Out of the software identifier 
SIDi retrieved from the CD-ROM 1 1 and the storage me- 
dium identifier IDk retrieved from the MO disc 12, a sig- 
nature processor 17 generates a certificate code CS'for 

35 verification at the end user's site. The certification key 
KEYc decrypted by the decryption unit 1 6 is used in this 
CS' generation process. Then, a comparator 18 com- 
pares the certificate code CS written in the MO disc 12 
and the certificate code CS' generated by the signature 

40 processor 17. If the comparison result indicates coinci- 
dence of the two codes CS and CS', a switch 19 will 
enable the software program having the software identi- 
fier SIDi to be written into the target MO disc 12 in the 
form of encrypted data. 

45 [0035] The following description will present a typical 
function achieved by the signature processor 14 at the 
central site and the signature processor 17 at the end 
user's site. 

[0036] FIG. 5 illustrates the structure of the signature 
50 processor, which consists of an exclusive OR logic 21 
and an encryption unit 22. The exclusive OR logic 21 
performs an exclusive OR operation on a software iden- 
tifier SIDi, storage medium identifier IDk and certificate 
code CS. The encryption unit 22 encrypts the output of 
55 the exclusive OR logic 21 with the certification key KEYc 
to produce the certificate code CS. Those two elements 
21 and 22 thus constitutes a hash function operator. 
[0037] In a block-by-block manner, the encryption unit 
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22 encrypts the software identifier S/D/and storage me- 
dium identifier /D/cwith the certification key KEYc. The 
encrypted output data is fed back to the input of the ex- 
clusive OR logic 21 and directed to the exclusive OR 
operation with the next block data. The output of the ex- 
clusive OR logic 21 is then encrypted by the encryption 
unit 22 again. The above operations are repeated until 
the final block is entered, and the result of this cyclic 
computation will come out of the encryption unit 22 as a 
certificate code CS when the encryption of the final block 
is finished. 

[0038] The licensed software program is copied to the 
MO disc 1 2 in the way described above, but the end user 
cannot run it as is, because the program is still encrypted. 
The following description will explain how it will be exe- 
cuted. 

[0039] FIG. 6 shows a procedure of executing a dupli- 
cated software program. The MO disc 12 contains the 
certificate code CS, ciphertext EKU(KEYc), storage me- 
dium identifier IDk, and software identifier SIDi, as well 
as storing the duplicated software in theform of encrypted 
data EKd(DATA). This encrypted data EKd(DATA) was 
encrypted with a key Kc/before the software was stamped 
to the CD-ROM, and the encryption key Kd is under the 
management of the manager application program. 
[0040] The terminal station at the end user' s site first 
retrieves from the MO disc 12 the certificate code CS, 
ciphertext EKU(KEYc), storage medium identifier IDk, 
and software identifier SIDi. The decryption unit 16 de- 
crypts the ciphertext EKU(KEYc) with the user key Ku, 
thereby extracting the certification key KEYc. Then the 
signature processor 17 generates another certificate 
code CS' from the software identifier S/D/and storage 
medium identifier IDk retrieved from the MO disc 12, us- 
ing the certification key KEVcdecrypted by the decryption 
unit 16. Subsequently, the comparator 18 compares the 
certificate codes CS and CS'. If the comparison indicates 
coincidence of the two codes CS and CS', the switch 19 
will allow an encrypted data file EKd(DATA) containing 
the encrypted software program to pass through to a de- 
cryption unit 25. The decryption unit 25 decrypts the en- 
crypted data file EKd(DATA) using the key Kd that is 
owned by the manager application program, thus restor- 
ing the original plaintext data file DATA. The contents of 
this decrypted data file DATA can be executed by the 
central processing unit (CPU) after being loaded to the 
memory, both of which are part of a CPU/memory unit 
26 in the terminal station. 

[0041] Next, a second embodiment of the present in- 
vention will be described below with reference to FIGS. 
7 to 10. In the second embodiment, each software pro- 
gram recorded in a CD-ROM has a software identifier 
DID uniquely assigned thereto, and its corresponding da- 
ta file Data is stored as an encrypted data file EKa (Data). 
This encrypted data file EKa(Data) has been created with 
a master medium conversion key Ka generated from the 
software identifier DID and a master key KM, which is 
managed at a software license center. The software li- 



cense center is in charge of licensing of the right to copy 
theircommercial software products. Regarding the target 
storage media, the user's MO disc has a serial number 
serving as a storage medium identifier Mid. 
5 [0042] FIG. 7 is a flowchart showing a software dupli- 
cation process performed under the above assumption 
by the software copying system of the second embodi- 
ment. 

[0043] To obtain a copy of a software program distrib- 
uted in a CD-ROM, it is necessary to go through the fol- 
lowing seven steps: 

[S1 1] The storage medium identifier Mid recorded in 
the target MO disc and the software identifier DID of 
the subject software program in the CD-ROM are 
sent from the end user's site to the software license 
center, which controls the license to copy the soft- 
ware products. 

[S12] At the software license center, it is tested 
whether the software identifier DID is registered 
therein or not. 

[S13] The storage medium identifier Mid and soft- 
ware identifier DID are encrypted with the master 
key KTWmanaged in the software license center, thus 
generating a storage medium conversion key Ku and 
master medium conversion key Ka, respectively. 
[S14] A ciphertext EMid(Ku,Ka) is generated by en- 
crypting those storage medium and master medium 
conversion keys Kuand Ka using the storage medi- 
um identifier Mid. The ciphertext EMid(Ku,Ka) \s sent 
to the end user's site as a response message to the 
request. 

[S15] The end user's site obtains the storage medi- 
um conversion key Ku and master medium conver- 
sion key Ka by decrypting the received ciphertext 
EMid(Ku, Ka) with the storage medium identifier Mid, 
while storing a ciphertext EMid(Ku), i.e., MO disc- 
related part of the ciphertext EMid(Ku,Ka), without 
attempting decryption. 

[S16] With the master medium conversion key Ka 
obtained in step S15, the encrypted data file EKa 
(Data) \n the CD-ROM which corresponds to the soft- 
ware identifier D/Dis decrypted to restore the original 
plaintext data file Data. 

[S17] The plaintext data file Data is encrypted again 
with the storage medium conversion key Kuobtained 
in step S1 5, and the encrypted data file is stored into 
the MO disc, thus finalizing the software duplication 
process. 

[0044] The above-described software duplication pro- 
cedure will be discussed in more detail below. In the sec- 
ond embodiment of the present invention, the procedure 
starts at the end user's site with sending a request to the 
software license center, which part of the procedure con- 
sists of only two things as follows. One is to read out the 
storage medium identifier Mid of the target MO disc and 
the software identifier DID of the subject software stored 
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in the CD-ROM, and the other is to send these identifiers 
Mid and D/Dto the software license center. The following 
description skips those two steps and will begin with the 
steps executed by the software license center which has 
received the above request from the end user's site. 
[0045] FIG. 8 explains the procedure executed at the 
software license center. Upon receipt of the two identifi- 
ers, Mid and DID, from the end user's site through a com- 
munications line, the software license center forwards 
the storage medium identifier M/dto an encryption unit 
31 having the master key KM under the control of the 
center, as well as supplying the software identifier DID 
to a comparator 32. The encryption unit 31 encrypts the 
storage medium identifier Mid using the master key KM 
to produce a storage medium conversion key Ku. The 
comparator 32, on the other hand, searches a contents 
identifier file 33, comparing each entry with the received 
software identifier D/Dto verify its validity. If the received 
software identifier DID coincides with the one registered 
in the contents identifier file 33, the comparator 32 closes 
a switch 34, thus allowing the software identifier DID to 
enter to an encryption unit 35 having the master key KM. 
The encryption unit 35 encrypts the software identifier 
DID with the master key KM to create a master medium 
conversion key Ka. The storage medium conversion key 
Ku produced by the encryption unit 31 and the master 
medium conversion key Ka produced by the encryption 
unit 35 are then entered to an encryption unit 36 forfurther 
encryption using the storage medium identifier Mid. A 
ciphertext EMid(Ku, Ka) produced by the encryption unit 
36 is transferred to the requesting end user through the 
communications line. Upon completion of the above 
processing steps, a request for billing is issued to the 
user profile database 37 and the cost is charged to the 
requesting end user. 

[0046] FIG. 9 explains the procedure at the end user's 
site after the above-described process is finished at the 
software license center. The ciphertext EMid(Ku,Ka) re- 
ceived from the software license center is applied to a 
decryption unit 51, while a ciphertext EMid(Ku) as part 
of the received ciphertext EMid(Ku,Ka) is written into a 
predetermined region 41 in the target MO disc 40. The 
decryption unit 51 decrypts the ciphertext EMid(Ku,Ka) 
using the storage medium identifier Mid extracted from 
the MO disc 40, thus restoring the original storage me- 
dium conversion key Kuand master medium conversion 
key Ka. This restored master medium conversion key Ka 
is then entered to a decryption unit 52 as its decryption 
key, while the restored storage medium conversion key 
Ku is entered to an encryption unit 53 as its encryption 
key. The decryption unit 52 retrieves the encrypted data 
file EKa(Data) that corresponds to the software identifier 
DID in the CD-ROM 60 and decrypts it with the master 
medium conversion key Ka, thus restoring the original 
plaintext data file Data. This data file Data is encrypted 
again by the encryption unit 53 with the storage medium 
conversion key Ku, and the resultant ciphertext EKu(Da- 
ta) is written into the target MO disc 40. 



[0047] In the way described above, the ciphertext EKu 
(Data) is written into the MO disc 40 through the process 
using two conversion keys derived from a unique identi- 
fier recorded in the MO disc 40 and a master key under 
5 the control of the software license center. Next, a proce- 
dure to execute this encrypted data file EKu(Data) will 
be described below. 

[0048] FIG. 10 illustrates a procedure of executing the 
software program that is duplicated as a data file in the 
10 MO disc40. The ciphertext EMid(Ku)'\s stored in a section 
41 as part of the rewritable region in the MO disc 40, 
while the storage medium identifier Mid is recorded in a 
non-rewritable region 42. The encrypted data file EKu 
(Data) is stored in a section in the remaining rewritable 
15 region. When the program in the encrypted data file EKu 
(Data) is called up for execution, the storage medium 
identifier Mid and ciphertext EMid(Ku) are retrieved from 
the MO disc 40 and entered to a decryption unit 54. Using 
the storage medium identifier Mid as the decryption key, 
the decryption unit 54 decrypts the ciphertext EMid(Ku) 
to restore the storage medium conversion key Ku. An- 
other decryption unit 55 then decrypts the encrypted data 
file EKu(Data) retrieved from the MO disc 40, using the 
storage medium conversion key Ku as the decryption 
key. The resultant plaintext data file Datewill be executed 
after being loaded to the main memory of a personal com- 
puter that is working as the end user's terminal station. 
[0049] The above discussion will be summarized as 
follows. According to the present invention, the software 
copying system comprises signature generating means, 
disposed at the central site, for generating a signature 
from information that identifies the target storage medium 
and subject data stored in the master medium. The sys- 
tem also comprises, at the end user's site, signature writ- 
ing means for writing the signature generated by the sig- 
nature generating means into the target storage medium, 
signature generating/comparing means for comparing a 
signature that is locally generated at the end user's site 
with the signature written in the target storage medium, 
and data copying means for copying the subject program 
to the target storage medium according to the result of 
comparison. Therefore, the central site only has to issue 
a signature associated with the identifier of the target 
storage medium, and there is no need to manage any 
license-specific information in close liaison with factories 
of the storage medium manufacturers. This also elimi- 
nates the stock control in the manufacturers and retailers 
for the storage media to be used in software copying. 
[0050] The foregoing is considered as illustrative only 
of the principles of the present invention. Further, since 
numerous modifications and changes will readily occur 
to those skilled in the art, it is not desired to limit the 
invention to the exact construction and applications 
shown and described, and accordingly, all suitable mod- 
ifications and equivalents may be regarded as falling 
within the scope of the invention in the appended claims. 
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ims 

A software copying method for duplicating software 
recorded in a master storage medium (1) to a target 
storage medium (3) in a legitimate manner achieved 5 
through communications between an end user's site 
that is requesting a licence to copy the software and 
a central site (5) that manages the license, the soft- 
ware copying method comprising the steps of: 

10 

- sending from the end user's site to the central 
site (5) a storage medium identifier (IDk) that is 
uniquely assigned to the target storage medium 
(3) and a contents identifier (SIDi) that is unique- 
ly assigned to a subject data file, together with 15 
a message requesting a software license; 

- generating at the central site (5) a first certifi- 
cate code (CS) serving as a signature from the 
storage medium identifier (IDk) and the contents 
identifier (SIDi) received from the end user site, 20 
through a signature generating process using a 
certification key (KEYc) that is managed at the 
central site (5); 

- generating at the central site (5) an encrypted 
certification key (EKU(KEYc)) by encrypting the 25 
certification key (KEYc) using a user key (KU); 

- sending from the central site (5) to the end us- 
er's site the first certificate code (CS) and the 
encrypted certification key (EKU(KEYc)); 

- writing at the end user's site the first certificate 30 
code (CS) and the encrypted certification key 
(EKU(KEYc)) received from the central site (5) 
into the target storage medium (3); 

- obtaining at the end user's site a decrypted 
certification key (KEYc) by decrypting the en- 35 
crypted certification key (EKU(KEYc)), which is 
stored in the target storage medium (3), using 

the user key (KU); 

- generating at the end user's site a second cer- 
tification code (CS') for a verification purpose by 40 
applying a signature generating process using 

the decrypted certification key (KEYc) to the 
storage medium identifier (IDk) and the contents 
identifier (SIDi); 

- comparing the first certificate code (CS) stored 45 
in the target storage medium (3) with the second 
certificate code (CS') that is generated at the 
end user's site; and 

- reading out the subject data file stored in the 
master storage medium (1 ) and writing the sub- 50 
ject data file into the target storage medium (3) 

if the first and second certificate codes (CS, CS') 
coincide with each other. 

A software copying system for duplicating software 55 
recorded in a master storage medium (1) to a target 
storage medium (3) in a legitimate manner achieved 
through communications between an end user's site 



that is requesting a license to copy the software and 
a central site (5) that manages the license, the soft- 
ware copying system comprising: 

- means for sending from the end user's site to 
the central site (5) a storage medium identifier 
(IDk) that is uniquely assigned to the target stor- 
age medium (3) and a contents identifier (SIDi) 
that is uniquely assigned to a subject data file, 
together with a message requesting a software 
license; 

- means (6) for generating at the central site (5) 
a first certificate code (CS) serving as a signa- 
ture from the storage medium identifier (IDk) and 
the contents identifier (SIDi) received from the 
end user site, through a signature generating 
process using a certification key (KEYc) that is 
managed at the central site (5); 

- means for generating at the central site (5) an 
encrypted certification key (EKU(KEYc)) by en- 
crypting the certification key (KEYc) using a user 
key (KU); 

- means for sending from the central site (5) to 
the end user's site the first certificate code (CS) 
and the encrypted certification key (EKU 
(KEYc)); 

- means for writing at the end user's site the first 
certificate code (CS) and the encrypted certifi- 
cation key (EKU(KEYc)) received from the cen- 
tral site (5) into the target storage medium (3); 

- means for obtaining at the end user's site a 
decrypted certification key (KEYc) by decrypting 
the encrypted certification key (EKU(KEYc)), 
which is stored in the target storage medium (3), 
using the user key (KU); 

- means (8) for generating at the end user's site 
a second certification code (CS') for a verifica- 
tion purpose by applying a signature generating 
process using the decrypted certification key 
(KEYc) to the storage medium identifier (IDk) 
and the contents identifier (SIDi); 

- means (8) for comparing the first certificate 
code (CS) stored in the target storage medium 
(3) with the second certificate code (CS') that is 
generated at the end user's site; and 

- means for reading out the subject data file 
stored in the master storage medium (1) and for 
writing the subject data file into the target stor- 
age medium (3) if the first and second certificate 
codes (CS,CS') coincide with each other. 

3. A software copying system according to claim 2, 
wherein said means (6) for generating certificate 
codes comprises 

- signature processing means (14) for encrypt- 
ing the first identifier (SIDi) read by a contents 
identifier reading means (2) and the second 
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identifier (IDk) read by a storage medium iden- 
tifier reading means (4) using a certification key 
(KEYc) managed at the central site (5), to pro- 
duce and transmit a certificate code (CS) that 
serves as the first signature (CS), and 5 

- encrypting means (15) for encrypting the cer- 
tification key (KEYc) using a user key (KU) reg- 
istered at the central site (5), and sending the 
encrypted certification key (EKU (KEYc)) for use 

in said means (8) for generating certificate codes 10 
to generate the second signature (CS'). 

4. A software copying system according to claim 3, 
wherein said means (8) for generating certificate 
codes comprises 15 

- decrypting means (16) for decrypting the en- 
crypted certification key (EKU(KEYc)) using the 
user key (KU), which is registered at the central 
site (5), to produce a decrypted certification key, 20 

- certificate code generating means (1 7) for gen- 
erating another certificate code (CS') for verifi- 
cation, which will serve as the second signature 
(CS') by encrypting the first identifier (SIDi) read 

by a contents identifier reading means (2) and 25 
the second identifier (IDk) read by a storage me- 
dium identifier reading means (4) using the de- 
crypted certification key (KEYc), and 

- comparing means (18) for comparing the cer- 
tificate code (CS') for verification generated by 30 
said certificate code generating means (17) with 

the certificate code (CS) stored as the first sig- 
nature (CS), in the target storage medium (3). 



Patentanspruche 

1. Softwarekopierverfahren zum Duplizieren von Soft- 
ware, die in einem Originalspeichermedium (1 ) auf- 
gezeichnet ist, auf ein Zielspeichermedium (3) in ei- 
ner legitimierten Weise, die durch Kommunikationen 
zwischen einem Endnutzerstandort, dereine Lizenz 
zum Kopieren der Software beantragt, und einem 
Zentralstandort (5), der die Lizenz verwaltet, erzielt 
wird, wobei das Softwarekopierverfahren die Schrit- 
te aufweist: 



35 



40 



45 



- Senden eines Speichermedienidentifikators 
(IDK), der dem Zielspeichermedium (3) eindeu- 

tig zugeordnet ist, und eines Inhaltsidentifikators 50 
(SIDi), der einer betreffenden Datendatei ein- 
deutig zugeordnet ist, zusammen mit einer eine 
Softwarelizenz beantragenden Nachricht vom 
Endnutzerstandort zum Zentralstandort (5); 

- Erzeugen eines ersten Bescheinigungscodes 55 
(CS), der als eine Signatur dient, am Zentral- 
standort (5) aus dem Speichermedienidentifika- 

tor (IDK) und dem Inhaltsidentifikator (SIDi), die 



von der Endnutzerseite empfangen wurden, 
durch einen Signaturerzeugungsvorgang, der 
einen Bescheinigungsschlussel (KEYc) be- 
nutzt, der am Zentralstandort (5) verwaltet wird; 

- Erzeugen eines verschlusselten Bescheini- 
gungsschlussels (EKU(KEYc)) durch Ver- 
schlusseln des Bescheinigungsschlussels 
(KEYc) unter Verwendung eines Nutzerschlus- 
sels (KU) am Zentralstandort; 

- Senden des ersten Bescheinigungscodes (CS) 
und des verschlusselten Bescheinigungs- 
schlussels (EKU(KEYc)) vom Zentralstandort 
(5) zum Endnutzerstandort; 

- Schreiben des ersten Bescheinigungscodes 
(CS) und des verschlusselten Bescheinigungs- 
schlussels (EKU(KEYc)), die vom Zentralstand- 
ort (5) empfangen wurden, am Endnutzerstand- 
ort in das Zielspeichermedium (3); 

- Erhalten eines entschlusselten Bescheini- 
gungsschlussels (KEYc) durch Entschlusseln 
des verschlusselten Bescheinigungsschlussels 
(EKU(KEYc)), der im Zielspeichermedium (3) 
gespeichert ist, unter Verwendung des Nutzer- 
schlussels (KU) am Endnutzerstandort; 

- Erzeugen eines zweiten Bescheinigungsco- 
des (CS') fiir einen Nachprufzweck durch An- 
wenden eines Signaturerzeugungsvorgangs, 
der den entschlusselten Bescheinigungsschlus- 
sel (KEYc) verwendet, auf den Speichermedi- 
enidentifikator (IDK) und den Inhaltsidentifikator 
(SIDi) am Endnutzerstandort; 

- Vergleichen des im Zielspeichermedium (3) 
gespeicherten ersten Bescheinigungscodes 
(CS) mit dem zweiten Bescheinigungscode 
(CS'), der am Endnutzerstandort erzeugt wird; 
und 

- Auslesen der im Originalspeichermedium (1) 
gespeicherten betreffenden Datendatei und 
Schreiben der betreffenden Datendatei in das 
Zielspeichermedium (3), falls der erste und der 
zweite Bescheinigungscode (CS, CS') uberein- 
stimmen. 

Softwarekopiersystem zum Duplizieren einer in ei- 
nem Originalspeichermedium (1) aufgezeichneten 
Software auf ein Zielspeichermedium (3) in einer le- 
gitimierten Weise, die durch Kommunikationen zwi- 
schen einem Endnutzerstandort, der eine Lizenz 
zum Kopieren der Software beantragt, und einem 
Zentralstandort (5), der die Lizenz verwaltet, erreicht 
wird, wobei das Softwarekopiersystem aufweist: 

- eine Einrichtung zum Senden eines Speicher- 
medienidentifikators (IDK), der dem Zielspei- 
chermedium (3) eindeutig zugeordnet ist, und 
eines Inhaltsidentifikators (SIDi), der einer be- 
treffenden Datendatei eindeutig zugeordnet ist, 
zusammen mit einer eine Softwarelizenz bean- 
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tragenden Nachricht vom Endnutzerstandort 
zum Zentralstandort (5); 

- eine Einrichtung (6) zum Erzeugen eines er- 
sten Bescheinigungscodes (CS), derals eine Si- 
gnatur dient, am Zentralstandort (5) aus dem 5 
Speichermedienidentifikator (IDK) und dem In- 
haltsidentifikator (SIDi), die von der Endnutzer- 
seite empfangen wurden, durch einen Signatur- 
erzeugungsvorgang, der einen Bescheini- 
gungsschlussel (KEYc) benutzt, deramZentral- 10 
standort (5) verwaltet wird; 

- eine Einrichtung zum Erzeugen eines ver- 
schlusselten Bescheinigungsschlussels (EKU 
(KEYc)) durch Verschlusseln des Bescheini- 
gungsschlussels (KEYc) unter Verwendung ei- 15 
nes Nutzerschlussels (KU) am Zentralstandort; 

- eine Einrichtung zum Senden des ersten Be- 
scheinigungscodes (CS) und des verschlussel- 
ten Bescheinigungsschlussels (EKU(KEYc)) 
vom Zentralstandort (5) zum Endnutzerstand- 20 
ort; 

- eine Einrichtung zum Schreiben des ersten Be- 4. 
scheinigungscodes (CS) und des verschlussel- 

ten Bescheinigungsschlussels (EKU(KEYc)), 
die vom Zentralstandort (5) empfangen wurden, 25 
am Endnutzerstandort in das Zielspeichermedi- 
um (3); 

-eine Einrichtung zum Erhalten eines entschlus- 
selten Bescheinigungsschlussels (KEYc) durch 
Entschlusseln des verschlusselten Bescheini- 30 
gungsschlussels (EKU(KEYc)), der im Zielspei- 
chermedium (3) gespeichert ist, unter Verwen- 
dung des Nutzerschlussels (KU) am Endnutzer- 
standort; 

- eine Einrichtung (8) zum Erzeugen eines zwei- 35 
ten Bescheinigungscodes (CS')fureinen Nach- 
prufzweck durch Anwenden eines Signaturer- 
zeugungsvorgangs, der den entschlusselten 
Bescheinigungsschlussel (KEYc) verwendet, 

auf den Speichermedienidentifikator (IDK) und 40 
den Inhaltsidentifikator (SIDi) am Endnutzer- 
standort; 

- eine Einrichtung (8) zum Vergleichen des im 
Zielspeichermedium (3) gespeicherten ersten 
Bescheinigungscodes (CS) mit dem zweiten 45 
Bescheinigungscode (CS'), der am Endnutzer- 
standort erzeugt wird; und 

- eine Einrichtung zum Auslesen der im Origi- 
nalspeichermedium (1) gespeicherten betref- 
fenden Datendatei und zum Schreiben der be- 50 
treffenden Datendatei in das Zielspeichermedi- 
um (3), falls der erste und der zweite Beschei- 
nigungscode (CS, CS') ubereinstimmen. R< 



- eine Signaturverarbeitungseinrichtung (14) 
zum Verschlusseln des durch eine Inhaltsiden- 
tifikator-Leseeinrichtung (2) gelesenen ersten 
Identifikators (SIDi) und des durch eine Spei- 
chermedienidentifikator-Leseeinrichtung (4) 
gelesenen zweiten Identifikators (IDK) unter 
Verwendung eines am Zentralstandort (5) ver- 
walteten Bescheinigungsschlussels (KEYc), urn 
einen Bescheinigungscode (CS), der als die er- 
ste Signatur (CS) dient, zu erzeugen und zu 
ubertragen, und 

- eine Verschlusselungseinrichtung (15) zum 
Verschlusseln des Bescheinigungsschlussels 
(KEYc) unter Verwendung eines am Zentral- 
standort (5) registrierten Nutzerschlussels (KU) 
und Senden des verschlusselten Bescheini- 
gungsschlussels (EKU(KEYc)) zur Verwendung 
in der Einrichtung (8) zum Erzeugen von Be- 
scheinigungscodes, urn die zweite Signatur 
(CS') zu erzeugen. 

Softwarekopiersystem nach Anspruch 3, bei welcher 
die Einrichtung (8) zum Erzeugen von Bescheini- 
gungscodes aufweist: 

- eine Entschlusselungseinrichtung (16) zum 
Entschlusseln des verschlusselten Bescheini- 
gungsschlussels (EKU(KEYc)) unter Verwen- 
dung des Nutzerschlussels (KU), der am Zen- 
tralstandort (5) registriert ist, urn einen ent- 
schlusselten Bescheinigungsschlussel zu er- 
zeugen, 

- eine Bescheinigungscode-Erzeugungsein- 
richtung (17) zum Erzeugen eines weiteren Be- 
scheinigungscodes (CS') zur Nachprufung, der 
als die zweite Signatur (CS') dient, durch Ver- 
schlusseln des durch eine Inhaltsidentifikator- 
Leseeinrichtung (2) gelesenen ersten Identifika- 
tors (SIDi) und des durch eine Speichermedi- 
enidentifikator-Leseeinrichtung (4) gelesenen 
zweiten Identifikators (IDK) unter Verwendung 
des entschlusselten Bescheinigungsschlussels 
(KEYc), und 

- eine Vergleichseinrichtung (18) zum Verglei- 
chen des Bescheinigungscodes (CS') zur Nach- 
prufung, der durch die Bescheinigungscode-Er- 
zeugungseinrichtung (17) erzeugt wurde, mit 
dem Bescheinigungscode (CS), derals die erste 
Signatur (CS) im Zielspeichermedium (3) ge- 
speichert ist. 



3. Softwarekopiersystem nach Anspruch 2, bei welcher 55 1. Procede de copie de logiciel destine a dupliquer un 
die Einrichtung (6) zum Erzeugen von Bescheini- logiciel enregistre dans un support de memorisation 

gungscodes aufweist: principal (1) vers un support de memorisation cible 

(3) d'une maniere legitime realise par I'intermediaire 
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de communications entre un site d'utilisateur final 
qui demande une autorisation de copier le logiciel et 
un site central (5) qui gere la licence, le procede de 
copie de logiciel comprenant les etapes consistant 
a : 5 

- envoyer du site d'utilisateurfinal au site central 
(5) un identificateur de support de memorisation 
(IDk) qui est affecte de maniere unique au sup- 
port de memorisation cible (3) et un identifica- 10 
teur de contenu (SIDi) qui est affecte de maniere 
unique a un fichier de donnees objet, en meme 
temps qu'un message demandant une licence 

de logiciel, 

- generer au niveau du site central (5) un premier 15 
code de certificat (CS) servant de signature a 
partir de I'identificateur de support de memori- 
sation (IDk) et de I'identificateur de contenu (SI- 
Di) recus du site d'utilisateur final par I'interme- 
diaire d'un traitement de generation de signatu- 20 
re utilisant une cle de certification (KEYc) qui est 
geree au niveau du site central (5), 

- generer au niveau du site central (5) une cle 
de certification cryptee (EKU(KEYc)) en cryp- 
tant la cle de certification (KEYc) en utilisant une 25 
cle d'utilisateur (KU), 

- envoyer du site central (5) au site d'utilisateur 
final le premier code de certificat (CS) et la cle 
de certification cryptee (EKU(KEYc)), 

- ecrire au niveau du site d'utilisateurfinal le pre- 30 
mier code de certificat (CS) et la cle de certifi- 
cation cryptee (EKU(KEYc)) recus du site cen- 
tral (5) dans le support de memorisation cible 

(3), 

- obtenir au niveau du site d'utilisateur final une 35 
cle de certification decryptee (KEYc) en decryp- 
tant la cle de certification cryptee (EKU(KEYc)), 

qui est memorisee dans le support de memori- 
sation cible (3), en utilisant la cle d'utilisateur 
(KU), 40 

- generer au niveau du site d'utilisateur final un 
second code de certificat (CS') a des fins de 
verification en appliquant un traitement de ge- 
neration de signature utilisant la cle de certifica- 
tion decryptee (KEYc) a I'identificateur de sup- 45 
port de memorisation (IDk) et a I'identificateur 

de contenu (SIDi), 

- comparer le premier code de certificat (CS) 
memorise dans le support de memorisation ci- 
ble (3) au second code de certificat (CS') qui est 50 
genere au niveau du site d'utilisateurfinal, et 

- lire le fichier de donnees objet memorise dans 
le support de memorisation principal (1 ) et ecrire 
le fichier de donnees objet dans le support de 
memorisation cible (3) si les premier et second 55 
codes de certificats (CS, CS') coincident I'un 
avec I'autre. 



2. Systeme de copie de logiciel destine a dupliquer un 
logiciel enregistre dans un support de memorisation 
principal (1) vers un support de memorisation cible 
(3) d'une maniere legitime realise par I'intermediaire 
de communications entre un site d'utilisateur final 
qui demande une autorisation de copier le logiciel et 
un site central (5) qui gere la licence, le systeme de 
copie de logiciel comprenant : 

- un moyen destine a envoyer du site d'utilisateur 
final au site central (5) un identificateur de sup- 
port de memorisation (IDk) qui est affecte de 
maniere unique au support de memorisation ci- 
ble (3) et un identificateur de contenu (SIDi) qui 
est affecte de maniere unique a un fichier de 
donnees objet, en meme temps qu'un message 
demandant une licence de logiciel, 

- un moyen (6) destine a generer au niveau du 
site central (5) un premier code de certificat (CS) 
servant de signature a partir de I'identificateur 
de support de memorisation (IDk) et de I'identi- 
ficateur de contenu (SIDi) regus du site d'utili- 
sateur final, par I'intermediaire d'un traitement 
de generation de signature utilisant une cle de 
certification (KEYc) qui est geree au niveau du 
site central (5), 

- un moyen destine a generer au niveau du site 
central (5) une cle de certification cryptee (EKU 
(KEYc)) en cryptant la cle de certification (KEYc) 
en utilisant une cle d'utilisateur (KU), 

- un moyen destine a envoyer du site central (5) 
au site d'utilisateur final le premier code de cer- 
tificat (CS) et la cle de certification cryptee (EKU 
(KEYc)), 

- un moyen destine a ecrire au niveau du site 
d'utilisateur final le premier code de certificat 
(CS) et la cle de certification cryptee (EKU 
(KEYc)) regus du site central (5) dans le support 
de memorisation cible (3), 

- un moyen destine a obtenir au niveau du site 
d'utilisateurfinal une cle de certification decryp- 
tee (KEYc) en decryptant la cle de certification 
cryptee ((EKU(KEYc)), qui est memorisee dans 
le support de memorisation cible (3), en utilisant 
la cle d'utilisateur (KU), 

- un moyen (8) destine a generer au niveau du 
site d'utilisateurfinal un second code de certifi- 
cat (CS') a des fins de verification en appliquant 
un traitement de generation de signature utili- 
sant la cle de certification decryptee (KEYc) a 
I'identificateur de support de memorisation (IDk) 
et a I'identificateur de contenu (SIDi), 

- un moyen (8) destine a comparer le premier 
code de certificat (CS) memorise dans le sup- 
port de memorisation cible (3) au second code 
de certificat (CS') qui est genere au niveau du 
site d'utilisateur final, et 

- un moyen destine a lire le fichier de donnees 
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objet memorise dans le support de memorisa- 
tion principal (1) et destine a ecrire le fichier de 
donnees objet dans le support de memorisation 
cible (3) si les premier et second codes de cer- 
tificats (CS, CS') coincident Tun avec I'autre. 5 

Systeme de copie de logiciel selon la revendication 

2, dans lequel ledit moyen (6) destine a generer des 
codes de certificats comprend : 

10 

- un moyen de traitement de signature (14) des- 
tine a crypter le premier identificateur (SIDi) lu 
grace a un moyen de lecture d'identificateur de 
contenu (2) et le second identificateur (IDk) lu 
grace au moyen de lecture d'identificateur de 15 
support de memorisation (4) en utilisant une cle 

de certification (KEYc) geree au niveau du site 
central (5), pour produire et transmettre un code 
de certificat (CS) qui sert de premiere signature 
(CS),et 20 

- un moyen de cryptage (15) destine a crypter 
la cle de certification (KEYc) en utilisant une cle 
d'utilisateur (KU) enregistree au niveau du site 
central (5), et a envoyer la cle de certification 
cryptee (EKU(KEYc)) en vue d'une utilisation 25 
dans ledit moyen (8) destine a generer des co- 
des de certificats pour generer la seconde si- 
gnature (CS'). 

Systeme de copie de logiciel selon la revendication 30 

3, dans lequel ledit moyen (8) destine a generer des 
codes de certificats comprend : 

- un moyen de decryptage (16) destine a de- 
crypter la cle de certification cryptee (EKU 35 
(KEYc)) en utilisant la cle d'utilisateur (KU), qui 

est enregistree au niveau du site central (5), 
pour produire une cle de certification decryptee, 

- un moyen de generation de code de certificat 
(17) destine a generer un autre code de certificat ^ 
(CS') a des fins de verification, qui servira de 
seconde signature (CS') en cryptant le premier 
identificateur (SIDi) lu par un moyen de lecture 
d'identificateur de contenu (2) et le second iden- 
tificateur (IDk) lu par un moyen de lecture d'iden- 45 
tificateur de support de memorisation (4) en uti- 
lisant la cle de certification decryptee (KEYc), et 

- un moyen de comparaison (18) destine a com- 
parer le code de certificat (CS'), pour une veri- 
fication, genere par ledit moyen de generation 50 
de code de certificat (17) avec le code de certi- 
ficat (CS) memorise en tant que premiere signa- 
ture (CS), dans le support de memorisation cible 

(3). 
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FIG. 1 
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f START ) 







SEND IDk AND SI Di TO CENTRAL SITE 


. 





S2 



RECEIVE CS GENERATED FROM "TDk I / 
AND SIDi IN CENTRAL SITE 



1 



WRITE CS INTO MO DISC 



GENERATE CS' FROM I Dk AND SID i " I P 
AT END USER'S SITE 



S3 
S4 



COMPARE CS' GENERATED BY END USER rS5 
WITH CS STORED IN MO DISC 




COPY ENCRYPTED DATA FILE PRC 
MASTER CD-ROM TO MQ DISC 



END 



FIG. 2 
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FIG. 3 (A) 




FIG. 3 (B) 
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f start} 

_E_ 

SEND Mid AND DID TO CENTRAL SITE 



CHECK LEGITIMACY OF DID AT CENTRAL SITE 



I 



GENERATE Ku AND Ka BY ENCRYPTING 
Mid AND DID WITH KM 



I 



PRODUCE EM id (Ku, Ka) BY ENCRYPTING 
Ku AND Ka WITH Mid AND SEND 
BACK TO REQUESTER 



I 



WRITE EMid (Ku) INTO MO DISC 
AND RESTORE Ku AND Ka 
BY DECRYPTING EMid(Ku.Ka) WITH Mid 



I 



RESTORE Data 
BY DECRYPTING EKaCData) WITH Ka 



I 



WRITE Data INTO MO DISC 
AFTER ENCRYPTING Data WITH Ku AGAIN 
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